DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly verify server X.509 certificates, which allows man-in-the-middle attackers to spoof servers and read encrypted domain credentials via a crafted certificate.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2013-11-16T02:00:00Z

Updated: 2024-09-16T20:36:42.576Z

Reserved: 2013-06-03T00:00:00Z

Link: CVE-2013-3876

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-11-18T03:55:05.680

Modified: 2024-11-21T01:54:27.963

Link: CVE-2013-3876

cve-icon Redhat

No data.